30 matches found
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of unsigned integer arithmetic in the message size calculation function ipcvalidatemsg,...
USN-8135-1: Pillow vulnerabilities
It was discovered that Pillow did not correctly handle reading J2K files, which could lead to an out-of-bounds read vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue...
[SECURITY] Fedora 43 Update: php-phpseclib-2.0.52-1.fc43
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
Ubuntu: Security Advisory (USN-8086-1)
The remote host is missing an update for the...
Ubuntu 24.04 LTS / 25.10 : FreeType vulnerability (USN-8086-1)
The remote Ubuntu 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8086-1 advisory. It was discovered that FreeType did not correctly handle certain integer arithmetic. An attacker could possibly use this issue to leak sensitive...
ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption
A signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed...
USN-8086-1: FreeType vulnerability
It was discovered that FreeType did not correctly handle certain integer arithmetic. An attacker could possibly use this issue to leak sensitive information...
USN-8086-1 freetype vulnerability
It was discovered that FreeType did not correctly handle certain integer arithmetic. An attacker could possibly use this issue to leak sensitive information...
USN-8076-1 qtbase-opensource-src vulnerabilities
It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...
Libgcrypt 1.12.0
Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers AES, DES, Blowfish, CAST5, Twofish, and Arcfour, hash algorithms MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192, MACs HMAC for all hash...
USN-7982-1 ffmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS and Ubuntu 25.10. CVE-2025-59728 It was...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : klibc vulnerabilities (USN-7959-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-7959-1 advisory. It was discovered that zlib, vendored in klibc, did not properly handle integer...
USN-7959-1 klibc vulnerabilities
It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...
USN-7959-1: klibc vulnerabilities
It was discovered that zlib, vendored in klibc, did not properly handle integer arithmetic. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...
EUVD-2007-4656
Malware in sbrugna...
EUVD-2007-4643
Malware in sbrugna...
EUVD-2016-1575
Malware in sbrugna...
[SECURITY] Fedora 42 Update: php-phpseclib3-3.0.43-1.fc42
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
Vulnerability in Windows Media Player on the Windows operating system, which allows a hacker to execute arbitrary code.
The vulnerability of Windows Media Player, a component of the Windows operating system, arises due to a loss of precision in integer arithmetic. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
UBUNTU-CVE-2018-13347
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...